www.winnipegfreepress.com Open in urlscan Pro
2a04:fa87:fffd::c000:4221 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Submission: On August 04 via manual (August 4th 2022, 2:33:24 pm UTC) from US — Scanned from DE

Summary HTTP 77 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 12 domains to perform 77 HTTP transactions. The main IP is 2a04:fa87:fffd::c000:4221, located in Ireland and belongs to AUTOMATTIC, US. The main domain is www.winnipegfreepress.com. The Cisco Umbrella rank of the primary domain is 422531.
TLS certificate: Issued by R3 on July 24th 2022. Valid for: 3 months.

This is the only time www.winnipegfreepress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2a04:fa87:fff... 2a04:fa87:fffd::c000:4221	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:6c0... 2a02:26f0:6c00:2a7::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
11	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:10e... 2a02:26f0:10e:380::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
4	147.75.85.120 147.75.85.120	54825 (PACKET) (PACKET)
1	205.200.191.140 205.200.191.140	7122 (MTS-ASN) (MTS-ASN)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
77	26

19 2a04:fa87:fffd::c000:4221 (Ireland)

ASN2635 (AUTOMATTIC, US)

www.winnipegfreepress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:2a7::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10e:380::268b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 147.75.85.120 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

api.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.200.191.140 (Winnipeg, Canada)

ASN7122 (MTS-ASN, CA)
PTR: 205-200-200-191-140.static.bellmts.net

account.winnipegfreepress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	winnipegfreepress.com www.winnipegfreepress.com — Cisco Umbrella Rank: 422531 account.winnipegfreepress.com	2 MB
12	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 stats.g.doubleclick.net — Cisco Umbrella Rank: 118	233 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 5e3441cfaba0b6943618341191da2e14.safeframe.googlesyndication.com Failed tpc.googlesyndication.com — Cisco Umbrella Rank: 160	111 KB
9	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 4600 scdn.cxense.com — Cisco Umbrella Rank: 10839 api.cxense.com — Cisco Umbrella Rank: 6343 p1cluster.cxense.com Failed	98 KB
8	google.com translate.google.com — Cisco Umbrella Rank: 1377 news.google.com — Cisco Umbrella Rank: 4836 apis.google.com — Cisco Umbrella Rank: 161 adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	172 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	78 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 translate.googleapis.com — Cisco Umbrella Rank: 1094	88 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8117 www.google.de — Cisco Umbrella Rank: 5596	1 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2342 pixel.wp.com — Cisco Umbrella Rank: 2171	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	43 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	87 KB
77	12

	Domain	Requested by
19	www.winnipegfreepress.com	www.winnipegfreepress.com
11	securepubads.g.doubleclick.net	www.winnipegfreepress.com securepubads.g.doubleclick.net www.googletagservices.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	api.cxense.com	cdn.cxense.com
3	fonts.gstatic.com	fonts.googleapis.com
3	news.google.com	www.winnipegfreepress.com news.google.com
3	cdn.cxense.com	www.winnipegfreepress.com cdn.cxense.com
2	www.google.com	www.winnipegfreepress.com tpc.googlesyndication.com
2	www.gstatic.com	www.winnipegfreepress.com translate.googleapis.com
2	scdn.cxense.com	www.winnipegfreepress.com
2	translate.googleapis.com	www.winnipegfreepress.com
2	www.google-analytics.com	www.winnipegfreepress.com www.google-analytics.com
1	www.google.de	www.winnipegfreepress.com
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	account.winnipegfreepress.com	www.winnipegfreepress.com
1	pixel.wp.com	www.winnipegfreepress.com
1	stats.wp.com	www.winnipegfreepress.com
1	apis.google.com	www.winnipegfreepress.com
1	translate.google.com	www.winnipegfreepress.com
1	www.googletagmanager.com	www.winnipegfreepress.com
1	fonts.googleapis.com	www.winnipegfreepress.com
0	p1cluster.cxense.com Failed	cdn.cxense.com
0	5e3441cfaba0b6943618341191da2e14.safeframe.googlesyndication.com Failed	securepubads.g.doubleclick.net
77	27

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net

Subject Issuer	Validity	Valid
winnipegfreepress.com R3	`2022-07-24` - `2022-10-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-17` - `2023-04-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Frame ID: 9165EE6C536B865C64E7EB7C9F35FD65
Requests: 69 HTTP requests in this frame

Frame: data://truncated
Frame ID: 9ADBA2677A9F7D0FF857B86455FD3411
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: BB9238149E172216E7E53A039B064108
Requests: 3 HTTP requests in this frame

Frame: https://5e3441cfaba0b6943618341191da2e14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EAF9CCEBFF414C815AF950A53827EA7F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4C2CB075F7D894E98256477746E39C66
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 10E3C5F0DAECD4CD373429549F3132B6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Lightbox (JavaScript Libraries) Expand

Page Statistics

77
Requests

97 %
HTTPS

83 %
IPv6

12
Domains

27
Subdomains

26
IPs

7
Countries

2595 kB
Transfer

4958 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjsvpvdLMvqLt1JTn9mxAStdhQLWfI0mhrsol8CVkAcZJdOv36jZAWO7ag1cSORgvOpGrHv1rZXg0BVMGOMHPG739JqvftBBmq1F756opetjBqfagkUiN5k5BzAGtXgiA7260599dNtLUZdVbitrDi_EKBnOGhQzJwRWmI-jPlkL_Cvov-wGq2nXbz1fmpHoJcSDgmhFJek3vLoXQO3c7AXodR8YBldHogHv2VRyy7Tnbj3I2VkAqIua7GqSMFx3-vYNPLr5vZuw7g44lJv3KDO2bMgdt1Vo1SeOgw8a7UPnH40Wv59nIda1HLbDPY9nPDseAyeKfdn8fyR7sPc-o62U&sai=AMfl-YSseHNJkd_uKZPaQqOG9P00HuBudKHPedf-OfZv8yrAhJRqz0RByRTXFagOSNdTtBCpfT2HRX2N7yLfY6DEtQhPfnsl03JS42fEIIHa&sig=Cg0ArKJSzOqiTQG-fORT&fbs_aeid=[gw_fbsaeid]&adurl=https://www.ticketmaster.ca/winnipeg-blue-bombers-vs-montreal-alouettes-winnipeg-manitoba-08-11-2022/event/11005C61A18221F8

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0 Show response
www.winnipegfreepress.com/sports/baseball/2022/08/02/ 167 KB
32 KB 277ms
7ms Document
text/html 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx / WordPress VIP <https://wpvip.com>
Resource Hash: 073e7619ca446d1bde9d2f3f25d876599f02fed92788d2df34a77837623f3a7a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 129
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-length: 32079
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 14:33:19 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.winnipegfreepress.com/wp-json/>; rel="https://api.w.org/" <https://www.winnipegfreepress.com/wp-json/wp/v2/posts/600036036>; rel="alternate"; type="application/json" <https://www.winnipegfreepress.com/?p=600036036>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-cache: hit
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn1 0 2 9980

GET
H2 200 css2
fonts.googleapis.com/ 29 KB
2 KB 72ms
25ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap

Requested by

Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc641b6eb1ecfb02acdf5abe13fca03ca9dbfd506cc9000c63897e50e30b89b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 14:33:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 04 Aug 2022 14:33:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Aug 2022 14:33:19 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 83 KB
27 KB 54ms
17ms Script
application/x-javascript 2a02:26f0:6c00:2a7::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b6864bdada069d9e3cee16d090651eb942cd22f5bca55d5a37802a092cdbf97c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Thu, 04 Aug 2022 14:33:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Aug 2022 12:28:01 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26873
Expires: Thu, 04 Aug 2022 15:33:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 53ms
15ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5479
date: Thu, 04 Aug 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 04 Aug 2022 15:02:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 286 KB
87 KB 76ms
38ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TK48WJ9

Requested by

Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f37b447568db0f206c5b2def4e88a2bcfc5607c537a7155d68d76d37a83a859b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88821
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Aug 2022 14:33:19 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 60ms
13ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 13:59:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 04 Aug 2022 14:59:14 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 76 KB
27 KB 79ms
31ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b9051c50f5fd8ee89213edf56e7080e1e31afec51ce401a1cc9cb5602396217

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 14:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
29 KB 93ms
28ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

e1916e916d1959dc90227525475467f0befc77019296c1d2cbbc4abee2b61f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28613
x-xss-protection: 0
server: sffe
etag: "1293 / 114 of 1000 / last-modified: 1659611411"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Aug 2022 14:33:19 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 146 KB
45 KB 86ms
34ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c22acf033355e1f3cdfc9756a855d7d448719b0c3daf345b609e3e911e0b0c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46100
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 18:14:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 15:02:31 GMT

GET
H2 200 swg-gaa.js Show response
news.google.com/swg/js/v1/ 71 KB
72 KB 71ms
20ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-gaa.js

Requested by

Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1367671f0ae67ab5ecd2f19c0d67562f23be5a660112fd859062493ff60bf8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 13:46:20 GMT
x-content-type-options: nosniff
age: 2819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72622
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 18:14:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 14:36:20 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 63ms
22ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

104d9312b0ab49ab36365302d0dbc3db5dc9f5a24d8d4494bc4dd3f27b343714

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Thu, 04 Aug 2022 14:33:19 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "6c3f880666401504"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:33:19 GMT

GET
H/1.1 200
OK cx.cce.js Show response
scdn.cxense.com/ 23 KB
6 KB 72ms
22ms Script
application/x-javascript 2a02:26f0:10e:380::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.cce.js
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e:380::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Thu, 04 Aug 2022 14:33:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 May 2022 19:29:56 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5964
Expires: Thu, 04 Aug 2022 15:33:19 GMT

GET
H/1.1 200
OK cx.js Show response
scdn.cxense.com/ 83 KB
27 KB 27ms
25ms Script
application/x-javascript 2a02:26f0:10e:380::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.js
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e:380::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b6864bdada069d9e3cee16d090651eb942cd22f5bca55d5a37802a092cdbf97c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Thu, 04 Aug 2022 14:33:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Aug 2022 12:28:01 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26873
Expires: Thu, 04 Aug 2022 15:33:19 GMT

GET
H2 200 /
www.winnipegfreepress.com/_static/ 102 KB
14 KB 7ms
7ms Stylesheet
text/css 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winnipegfreepress.com/_static/??-eJyNi0EKgCAQRS+UDQWVm+gspkNMjRaOEd4+N0Ht2nx4/PfgOhQFy6dDASsCjiTBzLvdFNMcTcwgKTPWnkJdhArexSrg0ZFBRo8hfeBgkzEqxsXY/C8v35ufaPJj03dat0OZG4faQbs=
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a498fa67baa2666eed28350f8a5c0b49b7d5de7899b1950a68dba7342eaab7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:19 GMT
x-rq: hhn1 0 2 9980
last-modified: Tue, 26 Jul 2022 09:26:28 GMT
server: nginx
age: 6841
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 14667

GET
H2 200 /
www.winnipegfreepress.com/_static/ 254 KB
55 KB 16ms
15ms Stylesheet
text/css 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winnipegfreepress.com/_static/??-eJyVj90OwjAIRl9Iio2u0Qvjs3Qdc9X+RZjTt7fOmHihJl5B4HDygVMBl5NQEixhPPjEGPxhkDZfoQxZMk++EFpmEkaWWyDGjno7BlGOeYFvBhd8LRBHeLn687zqqrTFvvZ2Is6R4NIo3ai1ij79q5kTnaEdUxeqaKNWSn/0yECxpu0L+OSgtUwwj55vfMOnyv/C3mIdSYp1J9Baaazca/C42cedNs3WaGPM8g68m4Nz
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 288d1b6481760012a8dfc911872d7dd6ff4f10fed77356cbf1d453d14bcaf9b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:19 GMT
x-rq: hhn1 0 2 9980
last-modified: Thu, 04 Aug 2022 12:37:40 GMT
server: nginx
age: 6573
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 55863

GET
H2 200 / Show response
www.winnipegfreepress.com/_static/ 660 KB
178 KB 8ms
8ms Script
application/javascript 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winnipegfreepress.com/_static/??-eJydkM0OwiAQhF9IQPzBejA+Cy20bgNbXMBGn140Gr2Y2CabzGF3Jt+sGANrBkwWk2gcFGE+s+ByBxhFS8+VEQ5qYfS1j+wiuVzyHfeAvI8L8b+/BewsBQJMq0dMxdWMlJNG42ytqaBsCsdUko//bQJsXDY2ir7MOVu6vuQ7+ecR89CRTnYixtgGHcLE7n4wlhBuNONvcYRgidX5UZ9dKr7mcmJMGGIq50d/kGq7V1IptezvXDrUhA==
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 729a501aa8ab4d1fef954bdff2751ab4cc896c02a878113fd93ce56451cf4535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:19 GMT
x-rq: hhn1 0 2 9980
last-modified: Thu, 04 Aug 2022 12:37:40 GMT
server: nginx
age: 6573
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 181553

GET
H2 200 b.png
www.winnipegfreepress.com/wp-content/themes/fp-inc-base-theme/images/weather/icons-png/ 3 KB
3 KB 10ms
7ms Image
image/png 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winnipegfreepress.com/wp-content/themes/fp-inc-base-theme/images/weather/icons-png/b.png
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 13689523a09825f3186a135d2234306e7a5e1a294b176745b3c9c8417b59a73b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:19 GMT
x-rq: hhn1 0 2 9980
last-modified: Mon, 25 Jul 2022 13:57:39 GMT
server: nginx
age: 670029
etag: W/"62dea153-bac"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 3011
expires: Fri, 04 Aug 2023 14:33:19 GMT

GET
H2 200 freepress_white_150.svg
www.winnipegfreepress.com/wp-content/themes/wfp-theme/assets/images/ 6 KB
3 KB 16ms
14ms Image
image/svg+xml 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winnipegfreepress.com/wp-content/themes/wfp-theme/assets/images/freepress_white_150.svg
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 84527d8c9f7c307a5b377a211a312355c554841585aed14ab777f2cd385e38cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:19 GMT
content-encoding: gzip
x-rq: hhn1 0 2 9980
last-modified: Tue, 02 Aug 2022 13:51:03 GMT
server: nginx
age: 308
etag: W/"62e92bc7-1856"
vary: X-Mobile-Class
x-cache: grace
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2768
expires: Fri, 04 Aug 2023 14:33:19 GMT

GET
H2 200 20220802230812-62e9e7cc0e4c200aa584afa8jpeg.jpg
www.winnipegfreepress.com/wp-content/uploads/sites/2/2022/07/ 92 KB
92 KB 11ms
8ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winnipegfreepress.com/wp-content/uploads/sites/2/2022/07/20220802230812-62e9e7cc0e4c200aa584afa8jpeg.jpg
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: fd0cc6b77d971f104ef6314ea03e6a8576919b40f9817b667a52c67d9252ca49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:19 GMT
x-rq: hhn1 109 142 443
last-modified: Thu, 04 Aug 2022 14:31:11 GMT
server: nginx
etag: "4367f8b1c9624afe"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 93978
expires: Fri, 04 Aug 2023 14:31:11 GMT

GET
H2 200 20220802230812-62e9e7cf0e4c200aa584afaajpeg.jpg
www.winnipegfreepress.com/wp-content/uploads/sites/2/2022/07/ 86 KB
86 KB 11ms
8ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winnipegfreepress.com/wp-content/uploads/sites/2/2022/07/20220802230812-62e9e7cf0e4c200aa584afaajpeg.jpg
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 010f58d2cf40681b92644f0f5f5111a914b5955c3d78c3ee7a9940eb701c3290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:19 GMT
x-rq: hhn1 109 139 443
last-modified: Thu, 04 Aug 2022 14:31:11 GMT
server: nginx
etag: "2735c5c36ea2209c"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 87724
expires: Fri, 04 Aug 2023 14:31:11 GMT

GET
H2 200 JTI_logo.png
www.winnipegfreepress.com/wp-content/themes/fp-inc-base-theme/images/ 4 KB
5 KB 15ms
13ms Image
image/png 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winnipegfreepress.com/wp-content/themes/fp-inc-base-theme/images/JTI_logo.png
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 11443cdc514a219abae49161635dc8d1dcff6723863702099ae81e3697f9ce3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:19 GMT
x-rq: hhn1 0 2 9980
last-modified: Mon, 25 Jul 2022 13:57:39 GMT
server: nginx
age: 670028
etag: W/"62dea153-11de"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 4553
expires: Fri, 04 Aug 2023 14:33:19 GMT

GET
H2 200 scripts.js Show response
www.winnipegfreepress.com/wp-content/plugins/lightbox-photoswipe/assets/ 90 KB
23 KB 8ms
8ms Script
application/javascript 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winnipegfreepress.com/wp-content/plugins/lightbox-photoswipe/assets/scripts.js?m=1659448262g
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 167bf06765aacf24e0707a64739a57ebb429ce921a60e7deac6b912289d6062b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:19 GMT
x-rq: hhn1 0 2 9980
last-modified: Tue, 02 Aug 2022 13:51:02 GMT
server: nginx
age: 6573
etag: W/"62e92bc6-169a6"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 23066
expires: Fri, 04 Aug 2023 14:33:19 GMT

GET
H2 200 e-202231.js Show response
stats.wp.com/ 9 KB
3 KB 33ms
7ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202231.js
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-nc: HIT hhn
date: Thu, 04 Aug 2022 14:33:19 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 23 Jul 2023 21:02:39 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ZMc2konn7GA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp2vJukgG4ACjZibXYqEzc4lP5x7g/ 241 KB
83 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ZMc2konn7GA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp2vJukgG4ACjZibXYqEzc4lP5x7g/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.ZMc2konn7GA.O/d=1/rs=AN8SPfp2vJukgG4ACjZibXYqEzc4lP5x7g/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84fa267100dd31a07814a593c9ae4066789526799e1772823e43342e58101b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Wed, 03 Aug 2022 18:12:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84754
x-xss-protection: 0
last-modified: Tue, 02 Aug 2022 13:22:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 18:12:34 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.winnipegfreepress.com/wp-includes/js/ 18 KB
5 KB 13ms
11ms Script
application/javascript 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winnipegfreepress.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:19 GMT
x-rq: hhn1 0 2 9980
last-modified: Tue, 26 Jul 2022 09:26:28 GMT
server: nginx
age: 64078
etag: W/"62dfb344-48b9"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 5004
expires: Fri, 04 Aug 2023 14:33:19 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 51ms
14ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.winnipegfreepress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 01 Aug 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 226870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Aug 2023 23:32:09 GMT

GET
H2 200 fa-solid-900.woff2
www.winnipegfreepress.com/wp-content/client-mu-plugins/frontend/webfonts/ 76 KB
77 KB 11ms
10ms Font
font/woff2 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winnipegfreepress.com/wp-content/client-mu-plugins/frontend/webfonts/fa-solid-900.woff2
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/_static/??-eJyVj90OwjAIRl9Iio2u0Qvjs3Qdc9X+RZjTt7fOmHihJl5B4HDygVMBl5NQEixhPPjEGPxhkDZfoQxZMk++EFpmEkaWWyDGjno7BlGOeYFvBhd8LRBHeLn687zqqrTFvvZ2Is6R4NIo3ai1ij79q5kTnaEdUxeqaKNWSn/0yECxpu0L+OSgtUwwj55vfMOnyv/C3mIdSYp1J9Baaazca/C42cedNs3WaGPM8g68m4Nz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://www.winnipegfreepress.com/_static/??-eJyVj90OwjAIRl9Iio2u0Qvjs3Qdc9X+RZjTt7fOmHihJl5B4HDygVMBl5NQEixhPPjEGPxhkDZfoQxZMk++EFpmEkaWWyDGjno7BlGOeYFvBhd8LRBHeLn687zqqrTFvvZ2Is6R4NIo3ai1ij79q5kTnaEdUxeqaKNWSn/0yECxpu0L+OSgtUwwj55vfMOnyv/C3mIdSYp1J9Baaazca/C42cedNs3WaGPM8g68m4Nz
Origin: https://www.winnipegfreepress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:19 GMT
content-encoding: gzip
age: 308
x-cache: grace
content-length: 78184
x-rq: hhn1 0 2 9980
last-modified: Tue, 02 Aug 2022 13:51:02 GMT
server: nginx
etag: W/"62e92bc6-131bc"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 14:33:19 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 16 KB
16 KB 56ms
33ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.winnipegfreepress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 02 Aug 2022 22:29:32 GMT
x-content-type-options: nosniff
age: 144227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16324
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Aug 2023 22:29:32 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 15 KB
15 KB 51ms
37ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.winnipegfreepress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 02 Aug 2022 22:46:33 GMT
x-content-type-options: nosniff
age: 143206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14964
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Aug 2023 22:46:33 GMT

GET
H2 200 fa-brands-400.woff2
www.winnipegfreepress.com/wp-content/client-mu-plugins/frontend/webfonts/ 75 KB
75 KB 8ms
8ms Font
font/woff2 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winnipegfreepress.com/wp-content/client-mu-plugins/frontend/webfonts/fa-brands-400.woff2
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/_static/??-eJyVj90OwjAIRl9Iio2u0Qvjs3Qdc9X+RZjTt7fOmHihJl5B4HDygVMBl5NQEixhPPjEGPxhkDZfoQxZMk++EFpmEkaWWyDGjno7BlGOeYFvBhd8LRBHeLn687zqqrTFvvZ2Is6R4NIo3ai1ij79q5kTnaEdUxeqaKNWSn/0yECxpu0L+OSgtUwwj55vfMOnyv/C3mIdSYp1J9Baaazca/C42cedNs3WaGPM8g68m4Nz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer: https://www.winnipegfreepress.com/_static/??-eJyVj90OwjAIRl9Iio2u0Qvjs3Qdc9X+RZjTt7fOmHihJl5B4HDygVMBl5NQEixhPPjEGPxhkDZfoQxZMk++EFpmEkaWWyDGjno7BlGOeYFvBhd8LRBHeLn687zqqrTFvvZ2Is6R4NIo3ai1ij79q5kTnaEdUxeqaKNWSn/0yECxpu0L+OSgtUwwj55vfMOnyv/C3mIdSYp1J9Baaazca/C42cedNs3WaGPM8g68m4Nz
Origin: https://www.winnipegfreepress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:19 GMT
content-encoding: gzip
age: 308
x-cache: grace
content-length: 76774
x-rq: hhn1 0 2 9980
last-modified: Tue, 02 Aug 2022 13:51:02 GMT
server: nginx
etag: W/"62e92bc6-12bc0"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 14:33:19 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 19ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A11.1.2&blog=200448927&post=600036036&tz=-5&srv=www.winnipegfreepress.com&hp=vip&host=www.winnipegfreepress.com&ref=&fcp=449&rand=0.02460162669962518
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

access-control-allow-origin: *
date: Thu, 04 Aug 2022 14:33:19 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
DATA 200
OK truncated Show response
/ Frame 9ADB 2 KB
2 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52cf06797c66d59d2428883cb27b5b083eed8b73ff8e0e11af86ee162e11ad2c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
1 KB 63ms
15ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:21:24 GMT
x-content-type-options: nosniff
age: 715
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Aug 2023 14:21:24 GMT

GET
H/1.1 200
OK data Show response
api.cxense.com/public/widget/ 12 KB
7 KB 605ms
567ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22testgroup%22%3A%2274%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2274%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.winnipegfreepress.com%2Fsports%2Fbaseball%2F2022%2F08%2F02%2Fwainwright-reunited-with-molina-hurls-cards-past-cubs-6-0%22%7D%2C%22widgetId%22%3A%22d39f003f14070ca28247a61503ecc9e197545ef1%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22l6f51h5ubd9n28k8%22%7D%7D%2C%22prnd%22%3A%22l6f51h5ugoe67n5r%22%7D&media=javascript&sid=null&widgetId=d39f003f14070ca28247a61503ecc9e197545ef1&resizeToContentSize=true&useSecureUrls=true&usi=l6f51h5ubd9n28k8&rnd=1685841659&prnd=l6f51h5ugoe67n5r&tzo=0&callback=cXJsonpCBl6f51hcdv8mufof0

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

82fab4cd76df1386f84191c9a2cc1c7e3bb3cc0d6f865d321c19569ae81eb976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 14:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 6603
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 39ms
16ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:13 GMT
x-content-type-options: nosniff
age: 6
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Aug 2023 14:33:13 GMT

GET
H3 200 pubads_impl_2022080301.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
130 KB 45ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080301.js?cb=31068810

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

d6f327e8f217c193d4139ec967dd138dde3958395b06a4e4cd8e346faa27dedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 10:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13119
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132985
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 08:38:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 04 Aug 2023 10:54:40 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 147 B
131 B 52ms
23ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.winnipegfreepress.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1d21b5b9239def983562bd5751372e2b2449b03b23653bf8b66f0d47cd5ec80a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 14:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Thu, 04 Aug 2022 14:33:19 GMT

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 43ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 15:07:53 GMT

GET
H2 200 622950_web1_56695949.jpg
www.winnipegfreepress.com/wp-content/uploads/sites/2/2022/08/ 456 KB
456 KB 8ms
7ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winnipegfreepress.com/wp-content/uploads/sites/2/2022/08/622950_web1_56695949.jpg
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f9658ba64d298e5974a9195622a2ee32245002f554b2705904795f0debbcca50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:20 GMT
x-rq: hhn1 109 142 443
last-modified: Thu, 04 Aug 2022 00:09:58 GMT
server: nginx
etag: "174ffceb77dfc155"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 466672
expires: Fri, 04 Aug 2023 00:09:58 GMT

GET
H2 200 622935_web1_220715-police-firefighter-games-0321.jpg
www.winnipegfreepress.com/wp-content/uploads/sites/2/2022/08/ 84 KB
84 KB 8ms
7ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winnipegfreepress.com/wp-content/uploads/sites/2/2022/08/622935_web1_220715-police-firefighter-games-0321.jpg
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 12cc6dcf94c532afcc8f01b47291c9bddbcf1198677fc5b66876b254c363d47b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:20 GMT
x-rq: hhn1 109 140 443
last-modified: Thu, 04 Aug 2022 00:09:58 GMT
server: nginx
etag: "b0e8ade7691aa3e6"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 86120
expires: Fri, 04 Aug 2023 00:09:58 GMT

GET
H2 200 623248_web1_20220802_183848.jpg
www.winnipegfreepress.com/wp-content/uploads/sites/2/2022/08/ 98 KB
98 KB 10ms
9ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winnipegfreepress.com/wp-content/uploads/sites/2/2022/08/623248_web1_20220802_183848.jpg
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f7eb8dfd31d8446a2af04307413e2a10aa989a731951e0a832ab193c1b1302a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:20 GMT
x-rq: hhn1 109 88 443
last-modified: Thu, 04 Aug 2022 11:47:56 GMT
server: nginx
etag: "1862bce18d6a69ec"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 100242
expires: Fri, 04 Aug 2023 11:47:56 GMT

GET
H2 200 624513_web1_Anti-Maskers-Steinbach---November-14-2020-2.jpg
www.winnipegfreepress.com/wp-content/uploads/sites/2/2022/08/ 23 KB
23 KB 10ms
9ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winnipegfreepress.com/wp-content/uploads/sites/2/2022/08/624513_web1_Anti-Maskers-Steinbach---November-14-2020-2.jpg
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 926b4eb8106933bd67afea1b87441c688cf3193ef2aa0af9c58cdb26e89e2f16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:20 GMT
x-rq: hhn1 109 144 443
last-modified: Wed, 03 Aug 2022 22:38:05 GMT
server: nginx
etag: "ba7c2882b4e449e4"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23362
expires: Thu, 03 Aug 2023 22:38:05 GMT

GET
H2 200 623224_web1_220318-DUMAS-STORY-2.jpeg
www.winnipegfreepress.com/wp-content/uploads/sites/2/2022/08/ 28 KB
28 KB 10ms
9ms Image
image/webp 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winnipegfreepress.com/wp-content/uploads/sites/2/2022/08/623224_web1_220318-DUMAS-STORY-2.jpeg
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e0d4ddcd5260261cf255d67cb5d7c46a01a2b89e02d8b7112f5d4026939d1b72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:20 GMT
x-rq: hhn1 109 140 443
last-modified: Wed, 03 Aug 2022 17:57:03 GMT
server: nginx
etag: "9f3ef183d5dff443"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 28250
expires: Thu, 03 Aug 2023 17:57:03 GMT

GET
H2 200 624553_web1_28620997_FBO-GREY-CUP-20191125.JPG
www.winnipegfreepress.com/wp-content/uploads/sites/2/2022/08/ 321 KB
322 KB 10ms
9ms Image
image/jpeg 2a04:fa87:fffd::c000:4221
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winnipegfreepress.com/wp-content/uploads/sites/2/2022/08/624553_web1_28620997_FBO-GREY-CUP-20191125.JPG
Requested by: Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4221 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c7b6fef84597c83d088dfea718d35e3315a37071602b94b97a9c0b10f85c9fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:20 GMT
x-rq: hhn1 109 195 443
last-modified: Wed, 03 Aug 2022 22:57:15 GMT
server: nginx
etag: "b4a361049d648a0b"
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 328890
expires: Fri, 04 Aug 2023 00:03:29 GMT

POST
H/1.1 200
OK identify Show response
account.winnipegfreepress.com/api/v2/auth/ 153 B
1 KB 773ms
268ms XHR
application/json 205.200.191.140
MTS-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://account.winnipegfreepress.com/api/v2/auth/identify

Requested by

Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/_static/??-eJydkM0OwiAQhF9IQPzBejA+Cy20bgNbXMBGn140Gr2Y2CabzGF3Jt+sGANrBkwWk2gcFGE+s+ByBxhFS8+VEQ5qYfS1j+wiuVzyHfeAvI8L8b+/BewsBQJMq0dMxdWMlJNG42ytqaBsCsdUko//bQJsXDY2ir7MOVu6vuQ7+ecR89CRTnYixtgGHcLE7n4wlhBuNONvcYRgidX5UZ9dKr7mcmJMGGIq50d/kGq7V1IptezvXDrUhA==

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.200.191.140 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),

Reverse DNS

205-200-200-191-140.static.bellmts.net

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.25 / PHP/7.4.25

Resource Hash

1db22bdf01203cade1d6367a86f8e233ebabb0e6d5e9f3df3cd91f1bba037689

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.winnipegfreepress.com;
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	Allow-From https://winnipegfreepress.com/

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.winnipegfreepress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 04 Aug 2022 14:33:21 GMT
Strict-Transport-Security: max-age=63072000;
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.4.25
Connection: Keep-Alive
Content-Length: 153
Referrer-Policy
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.25
X-Frame-Options: Allow-From https://winnipegfreepress.com/
Content-Security-Policy: frame-ancestors 'self' https://*.winnipegfreepress.com;
X-RateLimit-Remaining: 59
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.winnipegfreepress.com
Cache-Control: max-age=0, no-store
Access-Control-Allow-Credentials: true
X-RateLimit-Limit: 60
Keep-Alive: timeout=5, max=100

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 51ms
21ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=651105720&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winnipegfreepress.com%2Fsports%2Fbaseball%2F2022%2F08%2F02%2Fwainwright-reunited-with-molina-hurls-cards-past-cubs-6-0&ul=en-us&de=UTF-8&dt=Wainwright%2C%20reunited%20with%20Molina%2C%20hurls%20Cards%20past%20Cubs%206-0%20%E2%80%93%20Winnipeg%20Free%20Press&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAAC~&jid=1372859849&gjid=1424495198&cid=1020900097.1659623600&tid=UA-350959-63&_gid=1175333477.1659623600&_r=1&_slc=1&cd2=not-logged-in&cd9=full-access&z=1615582189

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winnipegfreepress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 14:33:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winnipegfreepress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK segment Show response
api.cxense.com/profile/user/ 77 B
693 B 19ms
19ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/profile/user/segment?callback=cXJsonpCBl6f51il7q3x2ogy6&persisted=38d5e37a13985ceec570aaaacd3a7c2f5defc36d&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22l6f51h5ubd9n28k8%22%2C%22type%22%3A%22cx%22%7D%5D%7D

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

6aea7adb9a801f26343542325cab072491d383d9b1632cd7c6e37f85e551f8b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 14:33:21 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 77
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame BB92 684 B
749 B 11ms
11ms Document
text/html 2a02:26f0:6c00:2a7::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer: https://www.winnipegfreepress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 379
Content-Type: text/html
Date: Thu, 04 Aug 2022 14:33:21 GMT
Expires: Sun, 14 Aug 2022 14:33:21 GMT
Last-Modified: Tue, 11 Jan 2022 07:21:04 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H/1.1 200
OK data Show response
api.cxense.com/public/widget/ 144 B
761 B 20ms
20ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22testgroup%22%3A%2274%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22subscription%22%2C%22value%22%3A%22not-logged-in%22%7D%2C%7B%22key%22%3A%22ver%22%2C%22value%22%3A%222.47%22%7D%2C%7B%22key%22%3A%22testGroup%22%2C%22value%22%3A%2274%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2274%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.winnipegfreepress.com%2Fsports%2Fbaseball%2F2022%2F08%2F02%2Fwainwright-reunited-with-molina-hurls-cards-past-cubs-6-0%22%7D%2C%22widgetId%22%3A%227aa4ebd5b5458d44d4f7689da2e1117fc40ea430%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22l6f51h5ubd9n28k8%22%7D%7D%2C%22prnd%22%3A%22l6f51h5ugoe67n5r%22%7D&media=javascript&sid=9222350621649330874&widgetId=7aa4ebd5b5458d44d4f7689da2e1117fc40ea430&resizeToContentSize=true&useSecureUrls=true&usi=l6f51h5ubd9n28k8&rnd=1633456106&prnd=l6f51h5ugoe67n5r&tzo=0&callback=cXJsonpCBl6f51ilyxwg7ok9s

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

e1a5058a322aab0d4558cd0681734cc180c14a9c2cf6c8bad1703a15142d94cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 14:33:21 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 144
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK data Show response
api.cxense.com/public/widget/ 7 KB
3 KB 47ms
28ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22testgroup%22%3A%2274%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22subscription%22%2C%22value%22%3A%22not-logged-in%22%7D%2C%7B%22key%22%3A%22ver%22%2C%22value%22%3A%222.47%22%7D%2C%7B%22key%22%3A%22testGroup%22%2C%22value%22%3A%2274%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2274%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.winnipegfreepress.com%2Fsports%2Fbaseball%2F2022%2F08%2F02%2Fwainwright-reunited-with-molina-hurls-cards-past-cubs-6-0%22%7D%2C%22widgetId%22%3A%2262c38e54b217439759d06038781fa86b8ae4e8b0%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22l6f51h5ubd9n28k8%22%7D%7D%2C%22prnd%22%3A%22l6f51h5ugoe67n5r%22%7D&media=javascript&sid=9222350621649330874&widgetId=62c38e54b217439759d06038781fa86b8ae4e8b0&resizeToContentSize=true&useSecureUrls=true&usi=l6f51h5ubd9n28k8&rnd=339752099&prnd=l6f51h5ugoe67n5r&tzo=0&callback=cXJsonpCBl6f51im0hyscgj3a

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

8c16a3cdec439ff027157d5dd19b0254e347f5ff4b917433bed7c3f644afd8ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 14:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 2367
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 93ms
33ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.winnipegfreepress.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080301.js?cb=31068810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 14:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 63ms
24ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.winnipegfreepress.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080301.js?cb=31068810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 14:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 39 KB
16 KB 72ms
71ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1175642472676726&correlator=655355477289025&eid=31068746%2C31068810%2C42531606%2C31067826&output=ldjh&gdfp_req=1&vrg=2022080301&ptt=17&impl=fif&iu_parts=3823844%2Cwinnipegfreepress.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2661448796&sfv=1-0-38&fsapi=false&prev_scp=loc%3Dtop%26pos%3D1%26page%3Dstory%26ut%3Dnot-logged-in%26ck%3Dsports%2Cbaseball%2Cweather-sunny%2Cweather-sunny%2Cweather-0_5%26imp%3Dbaseball%26pr%3Dnews&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1659623601557&lmt=1659623601&dlt=1659623599581&idt=445&adxs=984&adys=315&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.winnipegfreepress.com%2Fsports%2Fbaseball%2F2022%2F08%2F02%2Fwainwright-reunited-with-molina-hurls-cards-past-cubs-6-0&frm=20&vis=1&psz=300x270&msz=300x125&fws=4&ohw=300&ga_vid=1020900097.1659623600&ga_sid=1659623602&ga_hid=651105720&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080301.js?cb=31068810

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a7ac87de3bd1a3de8494ec844b958b2ccb9cbdf742a4655b8b6c231908767dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15890
x-xss-protection: 0
google-lineitem-id: 6068942395
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138400760443
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winnipegfreepress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 39 KB
15 KB 63ms
62ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1175642472676726&correlator=747862842189262&eid=31068746%2C31068810%2C42531606%2C31067826&output=ldjh&gdfp_req=1&vrg=2022080301&ptt=17&impl=fif&iu_parts=3823844%2Cwinnipegfreepress.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C300x600&ifi=2&adks=2960858577&sfv=1-0-38&fsapi=false&prev_scp=loc%3Dbot%26pos%3D1%26page%3Dstory%26ut%3Dnot-logged-in%26ck%3Dsports%2Cbaseball%2Cweather-sunny%2Cweather-sunny%2Cweather-0_5%26imp%3Dbaseball%26pr%3Dnews&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1659623601562&lmt=1659623601&dlt=1659623599581&idt=445&adxs=976&adys=610&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.winnipegfreepress.com%2Fsports%2Fbaseball%2F2022%2F08%2F02%2Fwainwright-reunited-with-molina-hurls-cards-past-cubs-6-0&frm=20&vis=1&psz=0x57&msz=160x0&fws=4&ohw=300&ga_vid=1020900097.1659623600&ga_sid=1659623602&ga_hid=651105720&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080301.js?cb=31068810

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

316070c55ed64d69029588bc58a598a411e82a95f4d8c7ea099e38624cfa0f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15804
x-xss-protection: 0
google-lineitem-id: 6069701741
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138400301025
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winnipegfreepress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
15 KB 70ms
69ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1175642472676726&correlator=3311773422738235&eid=31068746%2C31068810%2C42531606%2C31067826&output=ldjh&gdfp_req=1&vrg=2022080301&ptt=17&impl=fif&iu_parts=3823844%2Cwinnipegfreepress.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=3&adks=2788323370&sfv=1-0-38&fsapi=false&prev_scp=loc%3Dbottom%26pos%3D3%26page%3Dstory%26ut%3Dnot-logged-in%26ck%3Dsports%2Cbaseball%2Cweather-sunny%2Cweather-sunny%2Cweather-0_5%26imp%3Dbaseball%26pr%3Dnews&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1659623601565&lmt=1659623601&dlt=1659623599581&idt=445&adxs=316&adys=5009&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.winnipegfreepress.com%2Fsports%2Fbaseball%2F2022%2F08%2F02%2Fwainwright-reunited-with-molina-hurls-cards-past-cubs-6-0&frm=20&vis=1&psz=968x24&msz=968x0&fws=4&ohw=968&ga_vid=1020900097.1659623600&ga_sid=1659623602&ga_hid=651105720&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080301.js?cb=31068810

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

7bf51e0d963984ec8b77437ff472e27844adf00be9f7bbb10f0d61b2afb96a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
google-lineitem-id: 6076173774
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138399866109
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winnipegfreepress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 437 B
260 B 60ms
59ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1175642472676726&correlator=618964224681134&eid=31068746%2C31068810%2C42531606%2C31067826&output=ldjh&gdfp_req=1&vrg=2022080301&ptt=17&impl=fif&iu_parts=3823844%2Cwinnipegfreepress.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=180x40&ifi=4&adks=597513501&sfv=1-0-38&fsapi=false&prev_scp=loc%3DweatherSlideOut%26pos%3D1%26page%3Dstory%26ut%3Dnot-logged-in%26ck%3Dsports%2Cbaseball%2Cweather-sunny%2Cweather-sunny%2Cweather-0_5%26imp%3Dbaseball%26pr%3Dnews&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1659623601567&lmt=1659623601&dlt=1659623599581&idt=445&adxs=-424&adys=89&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.winnipegfreepress.com%2Fsports%2Fbaseball%2F2022%2F08%2F02%2Fwainwright-reunited-with-molina-hurls-cards-past-cubs-6-0&frm=20&vis=1&psz=400x-1&msz=180x-1&fws=516&ohw=400&ga_vid=1020900097.1659623600&ga_sid=1659623602&ga_hid=651105720&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080301.js?cb=31068810

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

45991b35aaa6afbbd40ed6d05b67f06796a907803968b310aff02dda972eb48c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 230
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winnipegfreepress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
15 KB 68ms
67ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1175642472676726&correlator=3265155552949887&eid=31068746%2C31068810%2C42531606%2C31067826&output=ldjh&gdfp_req=1&vrg=2022080301&ptt=17&impl=fif&iu_parts=3823844%2Cwinnipegfreepress.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=5&adks=658958671&sfv=1-0-38&fsapi=false&prev_scp=loc%3Dtop%26pos%3D1%26page%3Dstory%26ut%3Dnot-logged-in%26ck%3Dsports%2Cbaseball%2Cweather-sunny%2Cweather-sunny%2Cweather-0_5%26imp%3Dbaseball%26pr%3Dnews&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1659623601569&lmt=1659623601&dlt=1659623599581&idt=445&adxs=316&adys=144&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.winnipegfreepress.com%2Fsports%2Fbaseball%2F2022%2F08%2F02%2Fwainwright-reunited-with-molina-hurls-cards-past-cubs-6-0&frm=20&vis=1&psz=1000x0&msz=968x0&fws=0&ohw=0&ga_vid=1020900097.1659623600&ga_sid=1659623602&ga_hid=651105720&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080301.js?cb=31068810

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

90e8382b56f9bebd5dd1c45852abb2059225a3c2e7d21bb722017f7c6cc811e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15526
x-xss-protection: 0
google-lineitem-id: 6076173774
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138399866109
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winnipegfreepress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
12 KB 66ms
66ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1175642472676726&correlator=4129310105504086&eid=31068746%2C31068810%2C42531606%2C31067826&output=ldjh&gdfp_req=1&vrg=2022080301&ptt=17&impl=fif&iu_parts=3823844%2Cwinnipegfreepress.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=4x4&ifi=6&adks=3616694195&sfv=1-0-38&fsapi=false&prev_scp=loc%3Dtop%26pos%3D1%26page%3Dstory%26ut%3Dnot-logged-in%26ck%3Dsports%2Cbaseball%2Cweather-sunny%2Cweather-sunny%2Cweather-0_5%26imp%3Dbaseball%26pr%3Dnews&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1659623601572&lmt=1659623601&dlt=1659623599581&idt=445&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.winnipegfreepress.com%2Fsports%2Fbaseball%2F2022%2F08%2F02%2Fwainwright-reunited-with-molina-hurls-cards-past-cubs-6-0&frm=20&vis=1&psz=4x0&msz=4x0&fws=0&ohw=0&ga_vid=1020900097.1659623600&ga_sid=1659623602&ga_hid=651105720&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080301.js?cb=31068810

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e9b8349aaf39e3bd20159aa3f6667b664d1d153685794278905f42a78df09bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12591
x-xss-protection: 0
google-lineitem-id: 4467458844
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 119509455844
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.winnipegfreepress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
11 KB 86ms
29ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080301.js?cb=31068810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e05fc54307cbfa82acba39215837ee67c5b087d3c7af2f9010a76aabca1b4de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 14:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10454
x-xss-protection: 0

GET container.html
5e3441cfaba0b6943618341191da2e14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EAF9 0
0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
449 B 57ms
20ms XHR
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-350959-63&cid=1020900097.1659623600&jid=1372859849&gjid=1424495198&_gid=1175333477.1659623600&_u=aEBAAEAAEAAAAC~&z=1451819687

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winnipegfreepress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 04 Aug 2022 14:33:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.winnipegfreepress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame BB92 83 KB
27 KB 12ms
11ms Script
application/x-javascript 2a02:26f0:6c00:2a7::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b6864bdada069d9e3cee16d090651eb942cd22f5bca55d5a37802a092cdbf97c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Thu, 04 Aug 2022 14:33:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Aug 2022 12:28:01 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26873
Expires: Thu, 04 Aug 2022 15:33:21 GMT

GET p1.js
p1cluster.cxense.com/ Frame BB92 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 51ms
50ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumoJ7Bfy7EDvzMQsFPob5IuwfrAVaux4dFgAYaIcpijVYN5lvwfwQBwDay-fnhJ5TUFpADtH83G79OZoZgH1uJlRi0DzbozLBvP--eqF-X78LFcwFx52IK3uEhrzYjMmxBQzNYBqaPx8Jtw5QoLQI1JywbPYmrMEWlH4XvoxKOHwddkEoxvyXMGslSyXj-lHeVutBorersa_tdzZkFd0Ey64fiM3iUMQfqReDJvD24Am3krwb0Si5fh7laXIFFEqBE2ZsldixuPNfqivmPvgM_A7EFiHCyAwsjLt1hzBh8QMWSA7Hk03tCIst2tNErZIcgWyawkwQUKo4-241ZvGiz8oA&sai=AMfl-YTRyWjYxR7r9CAE740dDPIdmZ4Xgr3tukW5ovMwmHWhOWvp-49F-b2WDeMZptf38STM5aLNbO3B5Tbgqc5cI5uTtiFaInMSocNtdcK3&sig=Cg0ArKJSzChGC4dCdtbxEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 14:33:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 04 Aug 2022 14:33:21 GMT

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220802/r20110914/client/ 3 KB
2 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220802/r20110914/client/window_focus.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080301.js?cb=31068810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 14:09:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 139 KB
43 KB 65ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080301.js?cb=31068810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winnipegfreepress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 04 Aug 2022 14:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43822
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659527892023609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 14:33:21 GMT

GET
H2 200 1087510589859497152
tpc.googlesyndication.com/simgad/ 73 KB
73 KB 50ms
15ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1087510589859497152

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080301.js?cb=31068810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55d280919e61919874deb059b6d5f2d3b977262e64dc0c28e138a2905731978d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 07:03:03 GMT
x-content-type-options: nosniff
age: 27018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74346
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 20:46:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Aug 2023 07:03:03 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 85ms
49ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-350959-63&cid=1020900097.1659623600&jid=1372859849&_u=aEBAAEAAEAAAAC~&z=268285467

Requested by

Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 14:33:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 87ms
40ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-350959-63&cid=1020900097.1659623600&jid=1372859849&_u=aEBAAEAAEAAAAC~&z=268285467

Requested by

Host: www.winnipegfreepress.com
URL: https://www.winnipegfreepress.com/sports/baseball/2022/08/02/wainwright-reunited-with-molina-hurls-cards-past-cubs-6-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 14:33:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 52ms
52ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGPmKSflk-ZSJmoB2ikKDa6RxlwcL8fNNLhFsulKABDPSVVUpsN7BZUqxJQZ2yt97oyfV-wdQ2bTFt98WPnTTjDjEL60uLc1BgcDfKNwX9A3JHxU_7otkOr2H1wiOiGQKxbd7plmHUKj6US3DquPNsn8ecwebNJedZh1trQE7Qo1zPuT9U0RG0KqOc7O-aHXU3UH_RnTonhiOZKGQKn5e-icLDDbpKbFbOvrSa8st3obWDByJ3oOhxVoJlX65kirjejU8FkEyAVqKB2_JX4vpFVJTyfBW9v-6qbrJeX2D-7gAyxeao7guwg7r-NMK4TDcSuliymynRmH66T-3x9R4jKmo0hA&sai=AMfl-YSqOb7MAEQxKS1q2jG18wLSCjFO65qL0DRvvS18OsXdVuzh8XhITy3FLdJaUb7AAV-L-5XwyPOn6kDZJTAonaUJeeYEYk3q4hCZ1W9T&sig=Cg0ArKJSzGZIJYgZ06lbEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 14:33:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 04 Aug 2022 14:33:21 GMT

GET
DATA 200
OK truncated
/ 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95e2dd89b9a486f4494eb44bfbef835322448a6ad08a3f358ad419236cd43245

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 252ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080301.js?cb=31068810

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 14:33:22 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4C2C 13 KB
5 KB 13ms
13ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winnipegfreepress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 14:17:24 GMT
expires: Fri, 04 Aug 2023 14:17:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 10E3 783 B
534 B 52ms
22ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b03df6966c9e752f043ef04f36f9bef7f3fcb9661a2f6c80708d97ef83ffff83

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IIbjmviycNoMTA-Qbu5CDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winnipegfreepress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-IIbjmviycNoMTA-Qbu5CDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 14:33:22 GMT
expires: Thu, 04 Aug 2022 14:33:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C2C 36 KB
14 KB 48ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 08:54:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 08:54:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 10E3 0
0 48ms
47ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080301&jk=1175642472676726&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4C2C 0
9 B 13ms
13ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nI9q9w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Thu, 04 Aug 2022 14:33:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
53ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080301&jk=1175642472676726&bg=!ZWalZiLNAAZGjrx1Zo47ACkAdvg8WtmBZ8xk4YIeVIPEBzX9Ght__gM39LfokVjdogCQ3vtIIzXoVgIAAABBUgAAAAFoAQcKANnHlJStOr-HtUn2jVGy5l5zoYOP3tu8b3JRzemjf8Tn6S-QACbgsaCaBcFNsJnlcyr5vLlo9eMCSh3mOHgX7cb6asr2pM4cp_S4M8e743IhczEaNGZjJqMHwQAMqRfjORHiOGM4V5rq_f47mngmTHTqBGRU7jF2GL8z1Y_saPQeKX9Wpo7GyafMx2wXJXhjmhMptKHmEDWhbIPaP7C_KJfKh7Mc35opMOwIuMpgEBL-RUxVkHR8CxjsxrisWCpMQTxHe0QltWig8gynTIF9bArTUYR3BhbhgsiimQKfI3KtQry0tM_9bZ6jitdd9-DyWTH7mXE6YXbwd7udCDrt8kSFnDxlhMYIez6pYAMWWr2SuTHSpfmRrTeoNvnp8tRpbHgEDHhOxX1xIGE9ED32OfPYye1A3MVsftcUbQoQ5P1UDv0ZOd1fnl7bP6NHZUopVArZq7vxV5pLGtObgXgQBlcviNYlSD_QGKIaXiQw3IRCIwOJOcOdyTZzrqugFQ_VDMIVZUwXPYym4WRoXdCtFTXCKLI6bf5QSPyNnKkdXQyLHgGOFeryYCOekwLcA2BMTrc9WSwWQ4CUtAlcUE94HE2zUKesFm6Fpl7_4LHWl7CnBiIs5AyeaFLeeo8XODIgd9X9tCgYh3oTq8vekMVCCcLDA4eteaFc3K3d2KRk9JuJK-VocuVgGDDuR6xVHQnBPQB07XGKJbm6bvjkW0M_u9HvzMt13kRIzos5qclJ1mWeYL4jAeBmGVm8-JoLrjtrFVO1xqr67ZsG30DPyaUwXXb3G6Bg9UkVvvntwOHcjy93Bapov3O5CixO1vATUj9jd_WyK7qliq2cI77daO0aePQE-narOqitACkK87NM-luWTpwhORZt1NZN5GU1ZrDN3Mk9-igtLAS68eDhQjbkimj2sALeem9ljFHHrityskQ-C7QaOEduBlOEzchArlILSkjMp3RKKsPLOT97Cj5-YdolY666E8M0AEuA4wnss4nVDN9p7r2t9swqOBOGd0ZSRYTZGoBfOZA1b4Qw5QcvoWonf2RN6PVIwFGo_aISmJvk5VxaVbQbhbksjhJWdZswTxB5Jp1sWBLtTaqR144Q_8IRrJIWOZ28mFpsDWmBsirwiJGjuYNy7sbntKUBo6NpKTZ8RK4432SxbMcd_98ChOngBtNqyH8f5Xo6AdE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
64 B 85ms
55ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1zFHo7lDLloQ6pn78P24_SrNqnq1G3BKzKkZ4ja-jlqklxkxbIbdPjJ3H3NnDHS8aA8Do2wAlnLmUKyIEBiE196ceqlXN9YEK4Jlv_PrxdOtswZA7yls3_5m0rA4qtDUzEmklYmyiOtW5VFNKByzUeONZQieNoX5IGSRDJXtodJ1ACrzcopXnYoP_fWkLYKx6ltG6B3-9lpr6mPjgsBIkqWpjA2pzxe6SDeTOCxPiC5lBp9_EwN2--aQ2i4HSRjEyyg6r6yYT2XJPXcYwH5XWxYCJAjUrDyAFhms345tKP_uC2gjIzUeOML8wMmARfodD0gNInxIstLirDRfrk7oZ0dZYP8b8fGxluA&sai=AMfl-YRRnzKBd9Kp3_casTSe1XdSp87wkAGiYSa_ZdFD3kIcZ8Z0h_q3UpfLoAsEXGrqqoFvKD71F9nyuYAcoFOQOecadLwj94QGmp6abq5p&sig=Cg0ArKJSzLnQKGHKQf7KEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220803&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2960858577&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659623599302&rpt=2465&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winnipegfreepress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 14:33:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 5e3441cfaba0b6943618341191da2e14.safeframe.googlesyndication.com
URL: https://5e3441cfaba0b6943618341191da2e14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Domain: p1cluster.cxense.com
URL: https://p1cluster.cxense.com/p1.js

Verdicts & Comments Add Verdict or Comment

211 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.winnipegfreepress.com/	1970-01-20 14:36:23	Name: _ga Value: GA1.2.1020900097.1659623600
.winnipegfreepress.com/	1970-01-20 05:01:49	Name: _gid Value: GA1.2.1175333477.1659623600
.winnipegfreepress.com/	1970-01-20 13:45:59	Name: cX_P Value: l6f51h5ubd9n28k8
.cxense.com/	1970-01-20 13:45:59	Name: gckp Value: 2l49uvfbna7mm32cv17pcqsi5y
.winnipegfreepress.com/	1970-01-20 05:00:27	Name: fingerprint_hash Value: 15df4a113093b93b4ce7bd7af6f22f87
account.winnipegfreepress.com/	1970-01-20 05:00:30	Name: fpnewsplatform_session Value: nGrYNlXfPQfJSgvFcBBLch8ZeERSEodQQRhCBByf
.winnipegfreepress.com/	1970-01-20 05:00:23	Name: _gat Value: 1
.winnipegfreepress.com/	1970-01-20 14:36:23	Name: _pctx Value: %7Bu%7DN4IgDghg5gpgagSxgdwJIBMQC4QBsBsAZgKwCMAFsQK5QD2M%2BA7AHbEBOIANCAEZu3IAzjDYZseImUpUe6AJzMATAA4A1sq4gqwtoOzMquXN20iAygBcIF7fsPGQghBZhiccxZ4DMxAAz5FUnwAFjkvL19lRmCQAF8gA
.winnipegfreepress.com/	1969-12-31 23:59:59	Name: cX_S Value: l6f51iluh72ih9q4
.winnipegfreepress.com/	1970-01-20 14:21:59	Name: __gads Value: ID=8677785ff94bb523-2269d462e5cd0089:T=1659623601:S=ALNI_MZp_1mWsblPxR639ugt0b9kUIR3-A
.doubleclick.net/	1970-01-20 14:21:59	Name: IDE Value: AHWqTUlb4vLzxvHGIBWENwwC03d_-kfs22Cx7x7Tlr5_uERnH_sn_mJsXXSQgZqe9Ec

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080301.js?cb=31068810(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080301.js?cb=31068810(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5e3441cfaba0b6943618341191da2e14.safeframe.googlesyndication.com
account.winnipegfreepress.com
adservice.google.com
adservice.google.de
api.cxense.com
apis.google.com
cdn.cxense.com
fonts.googleapis.com
fonts.gstatic.com
news.google.com
p1cluster.cxense.com
pagead2.googlesyndication.com
pixel.wp.com
scdn.cxense.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.winnipegfreepress.com
5e3441cfaba0b6943618341191da2e14.safeframe.googlesyndication.com
p1cluster.cxense.com
142.250.181.226
147.75.85.120
192.0.76.3
205.200.191.140
2a00:1450:4001:800::2008
2a00:1450:4001:806::2004
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:400c:c0d::9c
2a02:26f0:10e:380::268b
2a02:26f0:6c00:2a7::268b
2a04:fa87:fffd::c000:4221
010f58d2cf40681b92644f0f5f5111a914b5955c3d78c3ee7a9940eb701c3290
073e7619ca446d1bde9d2f3f25d876599f02fed92788d2df34a77837623f3a7a
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
104d9312b0ab49ab36365302d0dbc3db5dc9f5a24d8d4494bc4dd3f27b343714
11443cdc514a219abae49161635dc8d1dcff6723863702099ae81e3697f9ce3d
12cc6dcf94c532afcc8f01b47291c9bddbcf1198677fc5b66876b254c363d47b
13689523a09825f3186a135d2234306e7a5e1a294b176745b3c9c8417b59a73b
167bf06765aacf24e0707a64739a57ebb429ce921a60e7deac6b912289d6062b
1d21b5b9239def983562bd5751372e2b2449b03b23653bf8b66f0d47cd5ec80a
1db22bdf01203cade1d6367a86f8e233ebabb0e6d5e9f3df3cd91f1bba037689
288d1b6481760012a8dfc911872d7dd6ff4f10fed77356cbf1d453d14bcaf9b3
316070c55ed64d69029588bc58a598a411e82a95f4d8c7ea099e38624cfa0f91
3b9051c50f5fd8ee89213edf56e7080e1e31afec51ce401a1cc9cb5602396217
45991b35aaa6afbbd40ed6d05b67f06796a907803968b310aff02dda972eb48c
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
52cf06797c66d59d2428883cb27b5b083eed8b73ff8e0e11af86ee162e11ad2c
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d280919e61919874deb059b6d5f2d3b977262e64dc0c28e138a2905731978d
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6aea7adb9a801f26343542325cab072491d383d9b1632cd7c6e37f85e551f8b4
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
6e05fc54307cbfa82acba39215837ee67c5b087d3c7af2f9010a76aabca1b4de
729a501aa8ab4d1fef954bdff2751ab4cc896c02a878113fd93ce56451cf4535
7bf51e0d963984ec8b77437ff472e27844adf00be9f7bbb10f0d61b2afb96a78
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82fab4cd76df1386f84191c9a2cc1c7e3bb3cc0d6f865d321c19569ae81eb976
84527d8c9f7c307a5b377a211a312355c554841585aed14ab777f2cd385e38cb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84fa267100dd31a07814a593c9ae4066789526799e1772823e43342e58101b75
8c16a3cdec439ff027157d5dd19b0254e347f5ff4b917433bed7c3f644afd8ef
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
90e8382b56f9bebd5dd1c45852abb2059225a3c2e7d21bb722017f7c6cc811e6
926b4eb8106933bd67afea1b87441c688cf3193ef2aa0af9c58cdb26e89e2f16
95e2dd89b9a486f4494eb44bfbef835322448a6ad08a3f358ad419236cd43245
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9a498fa67baa2666eed28350f8a5c0b49b7d5de7899b1950a68dba7342eaab7a
9c7b6fef84597c83d088dfea718d35e3315a37071602b94b97a9c0b10f85c9fd
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a7ac87de3bd1a3de8494ec844b958b2ccb9cbdf742a4655b8b6c231908767dac
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b03df6966c9e752f043ef04f36f9bef7f3fcb9661a2f6c80708d97ef83ffff83
b6864bdada069d9e3cee16d090651eb942cd22f5bca55d5a37802a092cdbf97c
bc641b6eb1ecfb02acdf5abe13fca03ca9dbfd506cc9000c63897e50e30b89b3
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
c22acf033355e1f3cdfc9756a855d7d448719b0c3daf345b609e3e911e0b0c32
cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0
d6f327e8f217c193d4139ec967dd138dde3958395b06a4e4cd8e346faa27dedc
e0d4ddcd5260261cf255d67cb5d7c46a01a2b89e02d8b7112f5d4026939d1b72
e1367671f0ae67ab5ecd2f19c0d67562f23be5a660112fd859062493ff60bf8d
e1916e916d1959dc90227525475467f0befc77019296c1d2cbbc4abee2b61f33
e1a5058a322aab0d4558cd0681734cc180c14a9c2cf6c8bad1703a15142d94cc
e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b8349aaf39e3bd20159aa3f6667b664d1d153685794278905f42a78df09bfa
eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f37b447568db0f206c5b2def4e88a2bcfc5607c537a7155d68d76d37a83a859b
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f7eb8dfd31d8446a2af04307413e2a10aa989a731951e0a832ab193c1b1302a4
f9658ba64d298e5974a9195622a2ee32245002f554b2705904795f0debbcca50
fd0cc6b77d971f104ef6314ea03e6a8576919b40f9817b667a52c67d9252ca49

www.winnipegfreepress.com Open in urlscan Pro 2a04:fa87:fffd::c000:4221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

77 Requests

97 %HTTPS

83 %IPv6

12 Domains

27 Subdomains

26 IPs

7 Countries

2595 kBTransfer

4958 kBSize

11 Cookies

1 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.winnipegfreepress.com Open in urlscan Pro
2a04:fa87:fffd::c000:4221 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

97 %
HTTPS

83 %
IPv6

12
Domains

27
Subdomains

26
IPs

7
Countries

2595 kB
Transfer

4958 kB
Size

11
Cookies

77 HTTP transactions
2 data transactions